Dear XML Security Working Group,
I am a student currently preparing a talk on ES-Security and therefore XML-Encryption.
I first tried to send this email to Joseph Reagle, one of the listed editors. I got an automailresponse response that he no longer works for the w3c so this is my next try.
If I am not mistaken I found a little error (or better said: typo) in the standard located at:http://www.w3.org/TR/xmlenc-core/
The error is in the example at the beginning of section 2.2.1 (EncryptedData with Symmetric Key), the example reads:
[s1]<EncryptedData xmlns='http://www.w3.org/2001/04/xmlenc#'
Type='http://www.w3.org/2001/04/xmlenc#Element'/>
[s2]<EncryptionMethod
Algorithm='http://www.w3.org/2001/04/xmlenc#tripledes-cbc'/>
[s3]<ds:KeyInfo xmlns:ds='http://www.w3.org/2000/09/xmldsig#'>
[s4]<ds:KeyName>John Smith</ds:KeyName>
[s5]</ds:KeyInfo>
[s6]<CipherData><CipherValue>DEADBEEF</CipherValue></CipherData>
[s7]</EncryptedData>
The EncryptedData element at [s1] must not be empty (as it also gets closed at [s7]).
I also didn't find this error in the errata.
Kind Regards,
Tobias Pfeiffer